homepage Welcome to WebmasterWorld Guest from 54.235.61.62
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Social Media / Twitter
Forum Library, Charter, Moderators: rumbas

Twitter Forum

    
Twitter and False Updates Through SMS Spoofing
engine




msg:4525296
 12:52 pm on Dec 5, 2012 (gmt 0)

Over the past two days, a few articles have been published about a potential problem concerning the ability to post false updates to another user's SMS-enabled Twitter account, and it has been misreported that US-based Twitter users are currently vulnerable to this type of attack.
Twitter and False Updates Through SMS Spoofing [engineering.twitter.com]
Most Twitter users interact over the SMS channel using a "shortcode." In the US, for instance, this shortcode is 40404. Because of the way that shortcodes work, it is not possible to send an SMS message with a fake source addressed to them, which eliminates the possibility of an SMS spoofing attack to those numbers.

However, in some countries a Twitter shortcode is not yet available, and in those cases Twitter users interact over the SMS channel using a "longcode." A longcode is basically just a normal looking phone number. Given that it is possible to send an SMS message with a fake source address to these numbers, we have offered PIN protection to users who sign up with a longcode since 2007. As of August of this year, we have additionally disallowed posting through longcodes for users that have an available shortcode.

It has been misreported that US-based Twitter users are currently vulnerable to a spoofing attack because PIN protection is unavailable for them.

 

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Social Media / Twitter
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved